Browse all 4 CVE security advisories affecting Webilop. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Webilop develops web application security testing tools, primarily focusing on identifying vulnerabilities in web applications and APIs. Historically, their products have commonly detected remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The company maintains a moderate CVE count with four recorded vulnerabilities to date, primarily related to input validation flaws in their own scanning tools. While no major security incidents have been publicly documented, their toolset occasionally produces false positives or misses complex evasion techniques, which is typical in automated web security scanners. Webilop's offerings remain niche compared to larger competitors, with their vulnerability detection capabilities showing standard effectiveness against common web application flaws.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-0735 | User Language Switch <= 1.6.10 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'tab_color_picker_language_switch' Parameter — User Language SwitchCWE-79 | 4.4 | Medium | 2026-02-14 |
| CVE-2026-0745 | User Language Switch <= 1.6.10 - Authenticated (Administrator+) Server-Side Request Forgery via 'info_language' Parameter — User Language SwitchCWE-918 | 5.5 | Medium | 2026-02-14 |
| CVE-2025-49064 | WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability — User Language SwitchCWE-79 | 7.1 | High | 2025-08-14 |
This page lists every published CVE security advisory associated with Webilop. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.